To avoid passing TPM emulator parameters around individually, move them
into a structure and pass the structure instead.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
v3:
- Made virDomainTPMEmulatorDef first parameter to functions
- Applied Marc-André's R-b
---
src/conf/domain_conf.h | 26 +++++++++--------
src/conf/virconftypes.h | 2 ++
src/qemu/qemu_tpm.c | 64 ++++++++++++++---------------------------
3 files changed, 37 insertions(+), 55 deletions(-)
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 45c52107e8..08c6526711 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1473,6 +1473,19 @@ typedef enum {
#define VIR_DOMAIN_TPM_DEFAULT_DEVICE "/dev/tpm0"
+struct _virDomainTPMEmulatorDef {
+ virDomainTPMVersion version;
+ virDomainChrSourceDef *source;
+ virDomainTPMSourceType source_type;
+ char *source_path;
+ char *logfile;
+ unsigned int debug;
+ unsigned char secretuuid[VIR_UUID_BUFLEN];
+ bool hassecretuuid;
+ bool persistent_state;
+ virBitmap *activePcrBanks;
+};
+
struct _virDomainTPMDef {
virObject *privateData;
@@ -1483,18 +1496,7 @@ struct _virDomainTPMDef {
struct {
virDomainChrSourceDef *source;
} passthrough;
- struct {
- virDomainTPMVersion version;
- virDomainChrSourceDef *source;
- virDomainTPMSourceType source_type;
- char *source_path;
- char *logfile;
- unsigned int debug;
- unsigned char secretuuid[VIR_UUID_BUFLEN];
- bool hassecretuuid;
- bool persistent_state;
- virBitmap *activePcrBanks;
- } emulator;
+ virDomainTPMEmulatorDef emulator;
struct {
virDomainChrSourceDef *source;
} external;
diff --git a/src/conf/virconftypes.h b/src/conf/virconftypes.h
index f18ebcca10..59be61cea4 100644
--- a/src/conf/virconftypes.h
+++ b/src/conf/virconftypes.h
@@ -234,6 +234,8 @@ typedef struct _virDomainAudioDef virDomainAudioDef;
typedef struct _virDomainTPMDef virDomainTPMDef;
+typedef struct _virDomainTPMEmulatorDef virDomainTPMEmulatorDef;
+
typedef struct _virDomainThreadSchedParam virDomainThreadSchedParam;
typedef struct _virDomainTimerCatchupDef virDomainTimerCatchupDef;
diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
index edd10ca2f6..6d7625f6f4 100644
--- a/src/qemu/qemu_tpm.c
+++ b/src/qemu/qemu_tpm.c
@@ -368,33 +368,26 @@ qemuTPMGetSwtpmSetupStateArg(const virDomainTPMSourceType source_type,
/*
* qemuTPMEmulatorRunSetup
*
- * @source_type: type of storage
- * @source_path: path to the directory for TPM state
+ * @emulator: emulator parameters
* @vmname: the name of the VM
* @vmuuid: the UUID of the VM
* @privileged: whether we are running in privileged mode
* @swtpm_user: The userid to switch to when setting up the TPM;
* typically this should be the uid of 'tss' or 'root'
* @swtpm_group: The group id to switch to
- * @logfile: The file to write the log into; it must be writable
- * for the user given by userid or 'tss'
- * @tpmversion: The version of the TPM, either a TPM 1.2 or TPM 2
- * @encryption: pointer to virStorageEncryption holding secret
+ * @secretuuid: UUID describing virStorageEncryption holding secret
* @incomingMigration: whether we have an incoming migration
*
* Setup the external swtpm by creating endorsement key and
* certificates for it.
*/
static int
-qemuTPMEmulatorRunSetup(const virDomainTPMSourceType source_type,
- const char *source_path,
+qemuTPMEmulatorRunSetup(const virDomainTPMEmulatorDef *emulator,
const char *vmname,
const unsigned char *vmuuid,
bool privileged,
uid_t swtpm_user,
gid_t swtpm_group,
- const char *logfile,
- const virDomainTPMVersion tpmversion,
const unsigned char *secretuuid,
bool incomingMigration)
{
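Review bot: The rewritten doc comment drops the requirement that the log file be writable by the user swtpm_setup runs as; `@emulator: emulator parameters` says nothing about `emulator->logfile`, which is still passed as `--logfile` in the later hunks of this function while the command runs under `swtpm_user`/`swtpm_group`. I would keep that constraint on the new parameter, e.g. `@emulator: emulator parameters; emulator->logfile must be writable for the user given by swtpm_user or 'tss'`. The same sentence was removed from the qemuTPMEmulatorReconfigure comment in a later hunk and should be restored there as well. The function body continues outside this hunk.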
@@ -403,14 +396,15 @@ qemuTPMEmulatorRunSetup(const virDomainTPMSourceType source_type,
char uuid[VIR_UUID_STRING_BUFLEN];
g_autofree char *vmid = NULL;
g_autofree char *swtpm_setup = virTPMGetSwtpmSetup();
- g_autofree char *tpm_state = qemuTPMGetSwtpmSetupStateArg(source_type, source_path);
+ g_autofree char *tpm_state = qemuTPMGetSwtpmSetupStateArg(emulator->source_type,
+ emulator->source_path);
if (!swtpm_setup)
return -1;
- if (!privileged && tpmversion == VIR_DOMAIN_TPM_VERSION_1_2 &&
+ if (!privileged && emulator->version == VIR_DOMAIN_TPM_VERSION_1_2 &&
!virTPMSwtpmSetupCapsGet(VIR_TPM_SWTPM_SETUP_FEATURE_TPM12_NOT_NEED_ROOT)) {
- return virFileWriteStr(logfile,
+ return virFileWriteStr(emulator->logfile,
_("Did not create EK and certificates since this requires privileged mode for a TPM 1.2\n"), 0600);
}
@@ -425,7 +419,7 @@ qemuTPMEmulatorRunSetup(const virDomainTPMSourceType source_type,
virCommandSetUID(cmd, swtpm_user);
virCommandSetGID(cmd, swtpm_group);
- switch (tpmversion) {
+ switch (emulator->version) {
case VIR_DOMAIN_TPM_VERSION_1_2:
break;
case VIR_DOMAIN_TPM_VERSION_2_0:
@@ -443,7 +437,7 @@ qemuTPMEmulatorRunSetup(const virDomainTPMSourceType source_type,
virCommandAddArgList(cmd,
"--tpm-state", tpm_state,
"--vmid", vmid,
- "--logfile", logfile,
+ "--logfile", emulator->logfile,
"--createek",
"--create-ek-cert",
"--create-platform-cert",
@@ -453,7 +447,7 @@ qemuTPMEmulatorRunSetup(const virDomainTPMSourceType source_type,
} else {
virCommandAddArgList(cmd,
"--tpm-state", tpm_state,
- "--logfile", logfile,
+ "--logfile", emulator->logfile,
"--overwrite",
NULL);
}
@@ -463,7 +457,7 @@ qemuTPMEmulatorRunSetup(const virDomainTPMSourceType source_type,
if (virCommandRun(cmd, &exitstatus) < 0 || exitstatus != 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Could not run '%1$s'. exitstatus: %2$d; Check error log '%3$s' for details."),
- swtpm_setup, exitstatus, logfile);
+ swtpm_setup, exitstatus, emulator->logfile);
return -1;
}
@@ -492,41 +486,32 @@ qemuTPMPcrBankBitmapToStr(virBitmap *activePcrBanks)
/*
* qemuTPMEmulatorReconfigure
*
- *
- * @source_type: type of storage
- * @source_path: path to the directory for TPM state
+ * @emulator: emulator parameters
* @swtpm_user: The userid to switch to when setting up the TPM;
* typically this should be the uid of 'tss' or 'root'
* @swtpm_group: The group id to switch to
- * @activePcrBanks: The string describing the active PCR banks
- * @logfile: The file to write the log into; it must be writable
- * for the user given by userid or 'tss'
- * @tpmversion: The version of the TPM, either a TPM 1.2 or TPM 2
* @secretuuid: The secret's UUID needed for state encryption
*
* Reconfigure the active PCR banks of a TPM 2.
*/
static int
-qemuTPMEmulatorReconfigure(const virDomainTPMSourceType source_type,
- const char *source_path,
+qemuTPMEmulatorReconfigure(const virDomainTPMEmulatorDef *emulator,
uid_t swtpm_user,
gid_t swtpm_group,
- virBitmap *activePcrBanks,
- const char *logfile,
- const virDomainTPMVersion tpmversion,
const unsigned char *secretuuid)
{
g_autoptr(virCommand) cmd = NULL;
int exitstatus;
g_autofree char *activePcrBanksStr = NULL;
g_autofree char *swtpm_setup = virTPMGetSwtpmSetup();
- g_autofree char *tpm_state = qemuTPMGetSwtpmSetupStateArg(source_type, source_path);
+ g_autofree char *tpm_state = qemuTPMGetSwtpmSetupStateArg(emulator->source_type,
+ emulator->source_path);
if (!swtpm_setup)
return -1;
- if (tpmversion != VIR_DOMAIN_TPM_VERSION_2_0 ||
- (activePcrBanksStr = qemuTPMPcrBankBitmapToStr(activePcrBanks)) == NULL ||
+ if (emulator->version != VIR_DOMAIN_TPM_VERSION_2_0 ||
+ (activePcrBanksStr = qemuTPMPcrBankBitmapToStr(emulator->activePcrBanks)) == NULL ||
!virTPMSwtpmSetupCapsGet(VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_RECONFIGURE_PCR_BANKS))
return 0;
@@ -542,7 +527,7 @@ qemuTPMEmulatorReconfigure(const virDomainTPMSourceType source_type,
virCommandAddArgList(cmd,
"--tpm-state", tpm_state,
- "--logfile", logfile,
+ "--logfile", emulator->logfile,
"--pcr-banks", activePcrBanksStr,
"--reconfigure",
NULL);
@@ -552,7 +537,7 @@ qemuTPMEmulatorReconfigure(const virDomainTPMSourceType source_type,
if (virCommandRun(cmd, &exitstatus) < 0 || exitstatus != 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Could not run '%1$s --reconfigure'. exitstatus: %2$d; Check error log '%3$s' for details."),
- swtpm_setup, exitstatus, logfile);
+ swtpm_setup, exitstatus, emulator->logfile);
return -1;
}
@@ -628,21 +613,14 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm,
secretuuid = tpm->data.emulator.secretuuid;
if (run_setup &&
- qemuTPMEmulatorRunSetup(tpm->data.emulator.source_type,
- tpm->data.emulator.source_path, vmname, vmuuid,
+ qemuTPMEmulatorRunSetup(&tpm->data.emulator, vmname, vmuuid,
privileged, swtpm_user, swtpm_group,
- tpm->data.emulator.logfile,
- tpm->data.emulator.version,
secretuuid, incomingMigration) < 0)
goto error;
if (!incomingMigration &&
- qemuTPMEmulatorReconfigure(tpm->data.emulator.source_type,
- tpm->data.emulator.source_path,
+ qemuTPMEmulatorReconfigure(&tpm->data.emulator,
swtpm_user, swtpm_group,
- tpm->data.emulator.activePcrBanks,
- tpm->data.emulator.logfile,
- tpm->data.emulator.version,
secretuuid) < 0)
goto error;
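Review bot: Both calls now pass `&tpm->data.emulator` and a separate `secretuuid`, so the callees have two ways to reach the secret's UUID: the argument and `emulator->secretuuid`. The assignment `secretuuid = tpm->data.emulator.secretuuid;` is presumably guarded by `hassecretuuid` just above this hunk (not visible here), which would make a NULL argument mean "no state encryption"; code that later reads `emulator->secretuuid` directly would lose that check. Either derive it inside the callees, `const unsigned char *secretuuid = emulator->hassecretuuid ? emulator->secretuuid : NULL;`, and drop the parameter, or state in both doc comments that only the `secretuuid` argument may be used. qemuTPMEmulatorBuildCommand starts and ends outside this hunk.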
--
2.47.0